Australian Inboxes Attacked by a Fake ASIC Email Malware

A new wave of fake emails has struck, and this time, they claim to be from Australian corporate regulator. This is, of course, completely fake, and they are actually loaded with malware.

So, there is another malware attack on everyone’s hands, and this one began on July 10. It escalated pretty quickly, and it is one of the largest malware deliveries detected in the last year.

The email tries to trick its victims by pretending to be from Australian Securities and Investments Commission. When you open it, it claims that your business name needs to be renewed. It also, quite conveniently, provides you with a link to do so. Only, when you click it, you will download a malicious JavaScript file.

Craig McDonald, MailGuard’s CEO, has said that it is still not entirely clear what type of malware this is. However, it is known that its purpose is to damage or disrupt data or an entire system. Alternatively, it might even try to gain control over it.

MailGuard has even released some instructions on how to recognize this email as a fake one. For example, it seem’s to be coming from ‘ASIC Messaging Service’. Its domain was registered in China, and it is ASIC.Transaction.No-reply @ asicdesk. com [altered].

Next, its subject states simply ‘Renewal’, and the message itself has both the government coat of arms, as well as ASIC branding. You can still recognize it by the lack of personalisation. For instance, it addresses you as a ‘Dear customer’, and not by your name, which is what legitimate companies would do.

There are also details about how to renew your business name. You are advised to pay for it via invoice request, or by your credit card. This is all part of the scam, and McDonald said that hackers want you to download this malware, and then open your wallets.

And finally, the last thing that can tell you that the email is fake is the fact that it is signed by ‘Myra Tando, Senior Executive Leader, Registry’. Upon checking, MailGuard has confirmed that ASIC doesn’t have an employee by that name.

This is just another attack in a row that is using ASIC as its fake identity, and every time it was an attack with malware-infected emails. Previous attacks have landed in January, March, and in May. This is the fourth one of the same kind this year, and it came out only a few days after MailGuard published details concerning a similar email scam for Windows users.

This other scam was trying to convince victims that it comes from ATO (Australian Taxation Office). The message that this email contains says that the sender has received victim’s tax info. They are now asking what to do with it, and of course, there is a suspiciously looking attachment involved.